Terms and Conditions of Use and GDPR Compliance
Company Information:
- Business Name: Positiv IM EOOD
- VAT ID: BG204666642
Personal Data Processing at Wishmore Guest House:
In line with GDPR requirements, Wishmore Guest House processes personal data to enhance service quality and diversity for our guests. We prioritize data security as crucial to our business integrity and public reputation, implementing robust technical and organizational safeguards against unauthorized access, misuse, loss, or premature deletion of data.
Purpose of Data Processing:
For Compliance with Legal Obligations:
- We process personal data such as names, Personal Identification Numbers, gender, citizenship, permanent addresses, email addresses, and IP addresses, to comply with legal obligations under laws like the Tourism Law, and to fulfill our contractual responsibilities to you.
- Data gathered from website interactions are also processed for these purposes.
Processing Aims:
- Identity verification at Wishmore Guest House;
- Managing and fulfilling service requests;
- Billing and invoicing for services;
- Providing comprehensive service and managing financial transactions.
Data Sharing and Disclosure:
In adherence to GDPR, personal data are processed and disclosed only under legal obligations, such as:
- Disclosures to consumer protection agencies as required by law;
- Compliance with GDPR and other related data protection regulations;
- Obligations under accounting and tax laws;
- Legal disclosures during judicial proceedings.
Data Protection Measures:
Consistent with GDPR guidelines, we employ necessary measures for data protection, including the appointment of a Data Protection Officer. Advanced security measures like encryption and pseudonymization are used to enhance data security.
Data Retention and Deletion:
We align our data retention and deletion policies with GDPR standards. Data are retained only as long as necessary for legal, contractual, and operational purposes and are deleted or anonymized thereafter, except in cases of ongoing legal proceedings.
Your GDPR Rights:
- Right of Access: Obtain information about your data processing activities.
- Right to Rectification: Correct any inaccurate or incomplete data.
- Right to Erasure: Request deletion of data under GDPR provisions.
- Right to Object: Object to data processing based on legitimate grounds.
- Right to Restriction of Processing: Restrict processing under GDPR conditions.
- Right to Data Portability: Receive your data in a structured, commonly used format.
- Right to Lodge a Complaint: Direct any concerns to us or the relevant data protection authority.
Request Handling:
Submit requests related to your GDPR rights electronically or through legally authorized representatives. We are committed to responding within GDPR-specified timeframes.
Policy Updates:
To maintain GDPR compliance, our Personal Data Protection Policy will be regularly reviewed and updated. We encourage periodic review of our policy to stay informed about your data protection.